Bonum Certa Men Certa

Links 31/7/2020: Sys Admin Appreciation Day, GTK 3.99, Alpha of Wayland's Weston 9.0



  • GNU/Linux

    • Desktop/Laptop

      • System76 Announces New Keyboard For Linux With Interchangeable Keys
        For over a decade, Denver-based Linux PC vendor System76 has sold some of the best Linux laptops and desktops. As the company has already entered its Phase 3, it is now implementing what it aims — in-house product design and manufacturing.

        Starting with the in-house hand-crafted Thelio desktops, then Ubuntu-based Pop!_OS, and after announcing its own Linux laptop, System76 is now working on manufacturing its own custom keyboard.

      • Librem 14 Features Enhanced WiFi M.2 Key-E Slot

        In the quest to make the Librem 14 our dream laptop we have focused not just on maxing out CPU resources, RAM, and security features, but we’ve also looked to expand the flexibility for hardware hackers to extend the laptop for their own projects.

        As with our previous Librem laptops, on the Librem 14 WiFi and Bluetooth will be implemented as an M.2 add-on card which can also be removed completely (useful for those who want an “air gapped” computer). The M.2 slot follows the PCI M.2 specification for 2230 cards (22mm wide, 30mm long) key-E, i.e. the key used for WiFi, Bluetooth and other radio cards.

      • Has Ubuntu 20.04 Finally Come Far Enough to Take on Windows? It Sure Seems Like It

        Microsoft Windows has become the default operating system on Laptops and PC. So much so that Laptops now come with Windows pre-installed. Previously it used to be the case that many laptop manufacturers used to offer their products with no operating system or DOS. Since Windows 10 came into the world everything changed. You can run Windows 10 for free and get all the updates as well and without using any cracked versions. One could even argue that Microsoft went the Google route with Windows. So is windows better now or not?

        Well, it certainly seems that offering your product for free does come with a few compromises. One of the biggest ones is the compromise on Privacy. Most people are just average users who buy a machine and just use it without reading the terms of service and don’t tinker around with the settings. So is it worth it to use Windows still? The answer depends from one person to another but most users will argue that Windows has a polished UI and as a ton of support and software that will run flawlessly on the OS. That aspect of the argument is true if you are a content creator or video editor but if you are a developer or just a tech nerd then it might not be the case.

      • Say hello to the Linux Terminal 2.0 for Chrome OS

        Back in March, prior to the Chrome OS release calendar getting out of whack, the Linux terminal for Chrome OS was undergoing a major facelift that looked to be slated for the release of version 82. Since I generally live in the Canary channel, I was unaware that the update had not taken place. Instead, the refreshed Linux terminal actually arrived in the latest update to Chrome OS 84. Some of you reading this may be thinking “what the heck is a Linux terminal?” and that’s okay. Here’s a quick history lesson.

    • Server

      • Linux dominates supercomputing

        Twice a year, in June and November, TOP500 releases it a list of the 500 most powerful computer systems ranked by their performance on something called the LINPACK Benchmark, which calls for the computer being tested to solve a dense system of linear equations.

        I have heard it said, though not been able to verify, that Linux runs on more than 90% of public clouds, more than 60% of embedded systems and IoT devices, as much as 99% of supercomputers and more than 80% of smartphones. If these claims are even close to the truth, it attests to the success and versatility of Linux

        In the most recent TOP500 ranking, a Japanese supercomputer name Fugaku (derived from an alternate name for Mount Fuji) has taken the top spot and pushed the former leaders down a rank. Fugaku was co-developed by Riken and Fujitsu and uses Fujitsu's 48-core A64FX ARM chip. This is the first time a computer based on ARM processors has topped the list.

        The computer was fully assembled only in May but has already helped fight COVID-19 by sorting through more than 2,000 drugs that might effectively block the virus and found a dozen that show promise.

      • What sysadmins wish their co-workers knew about their jobs

        You have a problem, and reach out to the help desk or your friendly neighborhood admin. It's a quick fix, you're sure, but ugh they want you to file a ticket! What a pain, right? It might sound like they're giving you the cold shoulder but that's (usually) not the case. Admins want users to file tickets for a number of reasons.

        First of all, it helps them manage their time. It's hard to focus on longer projects when you are pelted with "this will just take five minutes" requests all day. Also, other people have been waiting for their ticket to be handled.

        Secondly, admins may need to account for their work and demonstrate that they are -- in fact -- busy and not just playing Doom Eternal all afternoon.

        Also, it helps keep track of problems that crop up frequently and assists with institutional memory. A well-kept ticketing system with a good search tool can help admins identify long-term problems that need fixing, and reduce the time to fix problems in the future by documenting how they were fixed today.

      • The sysadmin's journey: A series of unexpected events

        As part of the 21st annual System Administrator Appreciation Day celebration, I want to share these four pillars to help you improve your skills, just as they did with me.

      • Celebrate Sysadmin Appreciation Day today

        Happy Sysadmin Appreciation Day, and thank you for all you do. When email is flowing, databases just work as they should, and the network is screaming (in a good way), you can focus on more challenging things, like how to automate tasks to make your sysadmin life easier.

        But when things break, and we know they will, it's all hands on deck to fix the problem and find the root cause, so it doesn't happen again. Sometimes, you'll find that elusive answer, and sometimes you put your hands up and move on to the next fire.

        Here at Enable Sysadmin, we're building a great community of authors who want to share their stories, their expertise, and learn from each other. In May 2020, we officially launched our Sudoers program to recognize our core contributors, and we invite you to check it out and join us.

      • Celebrate Sys Admin Appreciation Day with Special Free Issue from ADMIN Magazine

        System Administrator Appreciation Day is a special day dedicated to system administrators around the world. This year, FOSSlife and ADMIN Network & Security are partnering to provide another installment of the ADMIN "Terrific Tools" series, dedicated to the tireless professionals who keep our networks alive and well.

        Celebrate System Administrator Appreciation Day with this collection of articles on free tools for IT professionals. This special digital issue includes useful utilities that will help you search out rootkits, monitor network traffic, generate easy-to-use passwords, and much more. Bonus articles explore hidden command-line tools and describe how to find resource bottlenecks with eBPF.

      • July 31, 2020: Celebrate “System Administrator Appreciation Day” Today

        Ted Kekatos, a System Administrator by profession got inspired by an Advertisement in Hewlett-Packard Magazine where an Administrator is greeted in the form of flowers and fruit-baskets by thankful co-workers for their new printer installed.

        Kekatos idea was further recognized and promoted by lots of IT organizations and professional including the ‘League of Professional System Administrator‘, SAGE/USENIX, etc.

        The first System Administrator Appreciation Day was celebrated on July 28, 2000. And since then celebrating System Administrator Appreciation Day every year gets a worldly recognition and today we reached the figure 21st.

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.7.12
        I'm announcing the release of the 5.7.12 kernel.

        All users of the 5.7 kernel series must upgrade.

        The updated 5.7.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.7.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

      • Linux 5.4.55
      • Linux 4.19.136
      • Linux 4.14.191
      • Linux 4.9.232
      • Linux 4.4.232
      • systemd 246 released
        Systemd 246 has been released. There is an incredibly long list of new features, many of which have to do with support for encrypted and signed disk volumes. "Various command line parameters and configuration file settings that configure key or certificate files now optionally take paths to AF_UNIX sockets in the file system. If configured that way a stream connection is made to the socket and the required data read from it. This is a simple and natural extension to the existing regular file logic, and permits other software to provide keys or certificates via simple IPC services, for example when unencrypted storage on disk is not desired."

      • Eight Great Features Of Linux 5.8

        If all goes well the Linux 5.8 kernel will be released as stable this weekend. Linus Torvalds last weekend expressed some uncertainty whether an extra release candidate would be required, but so far this week the kernel Git activity is light, thus for the moment at least is looking like 5.8 will be christened on Sunday.

        In any case, Linux 5.8 stable should be out either this Sunday or the following weekend on 9 August. After the 5.8 merge window in June we wrote the Linux 5.8 feature overview, but if you forgot about those changes, here is a shorter list looking at eight of the most prominent new features of this kernel...

      • Intel PMT Framework + Tiger Lake Telemetry Support Updated For Linux

        Back in May I wrote about Intel working on Platform Monitoring Technology or hardware telemetry capabilities that are coming with Tiger Lake. The Linux support continues to be worked on for this "PMT" functionality although it looks like the work won't be ready in time for the imminent Linux 5.9 kernel merge window.

      • "Speakup" Promoted Out Of Staging For Linux 5.9

        The Speakup screen reader that is built into the kernel and allows for speaking all text printed to the text console from boot-up to shutdown for assisting blind individuals is now being promoted out of staging with Linux 5.9.

        Speakup has been around for more than a decade so blind users can interact with the video console / VT. There are a number of speech synthesizers supported and has been organized via Linux-Speakup.org as "basically a bunch of blind people who like messing around with Linux and writing cool and, hopefully useful, software."

      • Graphics Stack

        • weston 8.0.91
          This is the alpha release for Weston 9.0.0. This release cycle has been
          pretty quiet, with just a few new features:
          
          

          - A new kiosk shell allows to display regular desktop apps in an always-fullscreen mode - Improved testing infrastructure: the test harness has been redesigned, DRM tests are now supported, DRM and OpenGL tests are now enabled in our CI - DRM panel orientation property support

          As always, a number of bug fixes are included as well.

          Thanks to all contributors!

          Full commit history below.
        • Wayland's Weston 9.0 Reaches Alpha

          Weston 9.0 release preparations are getting underway. At least compared to the original Weston 9.0 release plans, this Wayland compositor is running about a month behind those plans but in any case the release is now making its way to reality.

          On Thursday shortly after the Weston kiosk/full-screen shell was merged, Weston 9.0 Alpha was tagged in getting the release process moving forward. Simor Ser is again serving as release manager.

        • RFC: libei - emulated input in Wayland compositors
          I've been working on a new approach for allowing emulated input devices in
          Wayland. Or in short - how can we make xdotool and synergy work? And
          eventually replace them.
          
          

          The proposal I have is a library for Emulated Input, in short libei. https://gitlab.freedesktop.org/whot/libei/

          libei has two parts, the client side (libei) for applications and a server side (libeis) for the compositor. The two libraries communicate with each other (how? doesn't matter, it's an implementation detail) to negotiate input devices.

          The process is roughly: - the libei client connects and says "I am org.freedesktop.SomeApplication and I want a pointer and a keyboard device" - the libeis server says "ok, you can have a pointer device and a keyboard device" - the libei client says 'move the pointer by 1/1', etc. and the server does just that. or not, depending on context.

          There are more details, see the README in the repo and the libei.h and libeis.h header files that describe the API.

          The sticking point here is: emulated input comes via a separate channel. The server a) knows it's emulated input, b) knows who it is coming from and c) has complete control over the input.

          a) is interesting because you can differ between the events internally. The API right now is very similar to libinput's events so integrating it into a compositor should be trivial.

          b) is somewhat handwavy if an application runs outside a sandbox - any information will be unreliable. Flatpak gives you an app-id though and with that we can (eventually) do things like storing the allow/deny decisions of the user in the portal implementation.

          c) allows you to e.g. suspend the client when convenient or just ignore certain sequences altogether. The two made-up examples are: suspend EI during a password prompt, or allow EI from the software yubikey *only* during a password prompt.

          Now, the next question is: how do they *start* talking to each other? libei provides multiple backends for the initial connection negotiation. My goal is to have this work with flatpak portals so an application running within the sandbox can be restricted accordingly. Alternatives to this could be public DBus interfaces, simple fd passing or (as is implemented right now) a named unix socket.

          The aim is that a client can simply iterate through all of the options until finds a connection. Once that's found, the actual code for emulating input is always the same so it's trivial to implement a client that works on any compositor that supports some backend of libeis. The server part only needs to care about the negotiation mechanisms it allows, i.e. GNOME will only have dbus/portal, sway will only have... dunno, fd exchange maybe?

          Next: because we have a separate channel for emulated input we can hook up XTEST to use libei to talk to a compositor. I have a PoC implementation for weston and Xwayland: https://gitlab.freedesktop.org/whot/weston/-/commits/wip/eis https://gitlab.freedesktop.org/whot/xserver/-/commits/wip/xwayland-eis With that xdotool can move the pointer. Note this is truly the most minimal code just to illustrate the point but you can fill in the blanks and do things like the compositor preventing XTEST or not, etc.

          This is all in very early stages with very little error checking so things will probably crash or disconnect unexpectedly. I've tried to document the API to make the intentions clear but there are still some very handwavy bits.

          Do let me know if you have any questions or suggestions please though.

          Cheers, Peter

        • LIBEI Yields New Effort For Emulating Input Devices In Wayland

          Red Hat's input expert Peter Hutterer has started writing another library to help the Linux input ecosystem: LIBEI. This new library is focused on offering emulated input device support for Wayland in order to support use-cases like xdotool for automating input events.

          The LIBEI library is working to support emulated input use-cases on Wayland to offer functionality akin to X11's xdotool automation software or the Synergy software for sharing keyboard/mouse setups between systems. LIBEI consists of a client library for applications and then a server-side library (LIBEIS) for the Wayland compositor integration. These two libraries communicate with each other for negotiating the emulated input events.

        • Alejandro Piñeiro: v3dv status update 2020-07-31

          Pipeline cache objects allow the result of pipeline construction to be reused. Usually (and specifically on our implementation) that means caching compiled shaders. Reuse can be achieved between pipelines creation during the same application run by passing the same pipeline cache object when creating multiple pipelines. Reuse across runs of an application is achieved by retrieving pipeline cache contents in one run of an application, saving the contents, and using them to preinitialize a pipeline cache on a subsequent run.

          Note that it can happens that a pipeline cache would not improve the performance of an application once that it starts to render. This is because application developers are encourage to create all the pipelines in advance, to avoid any hiccup during rendering. On that situation pipeline cache would help to reduce load times. In any case, that is not always avoidable. In that case the pipeline cache would allow to reduce the hiccup, as a cache hit is far faster than a shader recompilation.

          One specific detail about our implementation is that internally we keep a default pipeline cache, used if the user doesn’t provide a pipeline cache when creating a pipeline, and also to cache the custom shaders we use for internal operations. This allowed to simplify our code, discarding some custom caches that had alread implemented.

        • Raspberry Pi 4 "V3DV" Vulkan Driver Begins Tackling MSAA, Other Improvements

          This month the Raspberry Pi Foundation funded "V3DV" open-source Vulkan driver for the Raspberry Pi 4 began being able to run vkQuake. In ending out July, the developers at consulting firm Igalia who are working on this driver for the Raspberry Pi Foundation shared some of their latest driver activity.

        • X.Org's Latest Security Woes Are Bugs In LibX11, Xserver

          The X.Org/X11 Server has been hit by many security vulnerabilities over the past decade as security researchers eye more open-source software. Some of these vulnerabilities date back to even the 80's and 90's given how X11 has built up over time. The X.Org Server security was previously characterized as being even worse than it looks while today the latest vulnerabilities have been made public.

          CVE-2020-14344 is now public and covers multiple integer overflows and signed/unsigned comparison issues within the X Input Method implementation in the libX11 library. These issues can lead to heap corruption when handling malformed messages from an input method.

    • Applications

      • Linux Candy: Buoh – online strips comics reader

        Who loves eye candy? Don’t be shy — you can raise both hands!!

        Linux Candy is a series of articles covering interesting eye candy software. We only feature open-source software in this series.

        The subject of this article is Buoh. It’s an online comic strips reader that’s published under an open source license. It’s designed to bring a little light relief to your desktop. That sounds like a candidate for the Linux Candy series.

      • Qalculate! Desktop Calculator Brings Latest Version with Improvements

        Qalculate! the multi-functional GTK+ based desktop calculator released the latest version 3.12 with major features and improvements.

      • 7 Best Open Source “Disk Cloning/Backup” Tools for Linux Servers

        Disk cloning is the process of copying data from a hard disk to another one, in fact, you can do this process by copy & paste but you won’t be able to copy the hidden files and folders or the in-use files, that’s why you need a cloning software to do the job, also you may need the cloning process to save a backup image from your files and folders.

        Basically, the cloning software job is to take all disk data, convert them into a single .img file and give it to you, so you can copy it to another hard drive, and here we have the best 7 Open Source Cloning software to do the job for you.

      • The 10 Best Weather Tools for Linux System in 2020

        With the advancement of computers and the internet, we don’t need to look at the television screen or newspaper for weather updates. Rather, we can just pick our phone and get to know the current weather. Even if we are working on our Linux desktop, we can get notified about the forecastings. Thanks to the weather tools for Linux.

        Most of the modern Linux distributions come with a default weather app. Yet some distros lack this feature by default. These weather tools can show you a plethora of weather parameters by using the API keys of third-party weather info providers. You just need an internet connection, and you are good to go. Now you don’t need to worry about whether you should take the umbrella with you while going out.

      • Magnus – A Simple Screen Magnifier for Ubuntu

        Looking for a desktop magnifier? Besides enabling the built-in screen magnifier, there are a few third-party applications can do the job.

        Magnus is a very simple desktop magnifier written in Python 3. It shows the area around the mouse pointer in a separate window magnified two, three, four, or five times. Useful for users who need magnification, whether to help with eyesight or for accurate graphical design or detail work.

    • Instructionals/Technical

    • Games

      • Core Defense offers up a different kind of Tower Defense with deck-building

        Core Defense is a Tower Defense game at it's core but it's quite unusual in how it sprinkles in the content and it's out now with full Linux support. After being in Early Access on itch.io for a few months, it's looking good.

        It takes the usual wave-based approach from your typical TD game but instead of giving you set tower types and specific placements, it's a little more open-ended. As you progress through the waves, you build up your defences based on what cards you pick as rewards, a little like a deck-builder and you use these unlocks to gradually build through the blank canvas of a map you're given.

      • 4 ways to back up Steam games on Linux

        Are you a Linux gamer? Do you play a lot of Steam video games? Trying to figure out how to back up your games so you don’t have to keep re-downloading them? If so, this list is for you! Follow along as we talk about 4 ways to back up Steam games on Linux!

      • Monster Crown has a new adult take on Pokemon and it's now in Early Access

        With a darker tone, a setting aimed at adults and creatures that might give a few pixelated nightmares, Monster Crown has entered Early Access as a new breed in the genre of monster catching.

        Monster Crown definitely captures some of the spirit of early Pokemon games, with a new and unique take on it. Instead of throwing a magical ball to capture creatures and force them to your will, Monster Crown gets you to offer them a contract and see if they want to join you. It's a little odd but an interesting spin.

      • With seamless 2D and 3D camera switching, Neko Ghost, Jump! is funded on Kickstarter

        Neko Ghost, Jump! is an upcoming indie platformer with a great twist that allows you to easily switch between 2D and 3D modes whenever you want - and you need to.

        This perspective switching is used to get around enemies, puzzles, see platforms you can only access in specific modes and more. It's actually quite amusing when in action and works really well. We've covered it before to mention it but more importantly now, it's been fully funded on Kickstarter with time to spare—thanks to them being given an extension to their end date by the Kickstarter team.

      • Changing your country on Steam has been made harder to battle VPNs

        Something that has been happening for years now, is that people have been switching around their country on Steam and using VPNs to get cheaper prices - Valve looks to have put a stop to it.

        Why was this a thing? Thanks to regional pricing, countries that typically have lower incomes can enjoy the same games as others with lower prices to match. Being able to get around that to buy cheaper games using a VPN was a bit of a loophole, which has been sorted by Valve.

        Spotted by SteamDB, It's not entirely clear when this actually went live for everyone. Checking it myself, changing country on Steam is now a bit more involved. After doing so, you then need to make a purchase from a payment method registered to that country.

      • Stoneshard has a small equipment patch while they rework the AI and Dungeons

        Ink Stains Games have announced that their Early Access and thoroughly challenging roguelike, Stoneshard, is set to get a huge overhaul to the AI and Dungeon Generation systems.

        This was actually announced back in June, with the team going over their plans for it. For the AI they want to make it a lot more complex to allow different behaviours between factions, add in new enemy types with unique abilities, better pathfinding, add random NPC encounters and a whole lot more. As for the Dungeon rework, they're looking to add lots of unique rooms to it, removing a bunch of plain mandatory hallways you might see and add new types of dungeons.

      • First-person roguelike RPG 'Barony' has a Steam sale, Free Weekend and an upgrade

        Turning Wheel are continuing to upgrade their first-person roguelike RPG 'Barony', with a fresh update available and you can try it free on Steam.

        While they just released it temporarily free onto the Epic Store, which doesn't support Linux, they have put it on a big discount on Steam along with a Free Weekend so you can see if you like it. Not only that, they also recently pushed out an update with the Hall of Trials update. This free expansion adds 10 challenges to teach players more of the game and perhaps test the knowledge of regulars too. Looks like a nice proper intro to the game mechanics.

      • Impressive 2D action-RPG 'Chronicon' leaves Early Access on August 21

        To say I enjoy Chronicon would be quite the understatement, this 2D indie action-RPG has a huge amount of content and it's finally set to leave Early Access.

        Subworld has announced on August 21, after 5 years in Early Access it's going to be considered a complete game. However they will be continuing to update it with free smaller content updates to keep it fresh, as well as paid DLC that include major additions.

      • Care for spirits of the deceased in Spiritfarer, new teaser released plus Stadia confirmed

        Spiritfarer, the upcoming game from Thunder Lotus Games that looks like it deals with death in quite a sweet way as you care for the spirits of the deceased has a new teaser trailer and more release info.

        Wait, what is it? Spiritfarer is a 'cozy management game about dying', where you play as the ferrymaster to the deceased. You get to farm, mine, fish, harvest, cook, and craft your way across mystical seas as you befriend and care for spirits before eventually releasing them carefully into the afterlife as you learn how to say goodbye to your cherished friends.

      • Underwater suffering simulator Barotrauma gets a much improved campaign mode

        In the latest update to Barotrauma, the alien-world underwater co-op submarine sim (and very much a suffering simulator), the teams at FakeFish and Undertow Games have given it a bit of an overhaul.

        This is the biggest update to the game so far, so likely worth a re-look if you bounced off it previously. It certainly sounds like they've been acting on a lot of the feedback I saw across reviews and forum posts. They said that you should now actually get a real sense or progression, especially in the campaign mode, which has been enhanced greatly with all sorts like: randomised outposts that you can actually explore, multi-step scripted events, NPCs to interact with instead of just menu after menu, bots can be hired in multiplayer and bots are persistent now, there's a brand new campaign map and loads more improvements. That is but the tip of the iceberg as lots more got overhauled including a bunch of the graphics, new decorative items and various bug fixes.

      • The 'living comic book' rogue-lite platformer Fury Unleashed arrives on GOG

        After your next crazy action-platformer fix? Fury Unleashed looks fantastic and it's recently been made available on GOG giving you another choice on your store.

        "Fury Unleashed was created by combining inspiration from modern roguelite platformers, like Dead Cells and Rogue Legacy, with nostalgic memories of old-school platformer shooters, like Contra and Metal Slug."

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • GTK 3.99

          This week, we’re releasing GTK 3.99, which can only mean one thing: GTK4 is getting really close!

          Back in February, when 3.98 was released, we outlined the features that we wanted to land before making a feature-complete 3.99 release. This was the list...

          We’ve dropped animation API from our 4.0 blocker list, since it requires more extensive internal restructuring, and we can’t complete it in time. But all the other features have found their way into the various 3.98.x snapshots, with the accessibility infrastructure being the last hold-out that landed very recently.

        • GTK 3.99 Released With The GTK4 Toolkit Finally Close To Debut
        • Implementing Recently Played Collection in GNOME Games

          In my previous blog post, I talked about how I added a Favorites Collection to Games. Favorites Collection lists all the games that’s marked as favorite. In this post I’ll talk about what went into adding a Recently Played Collection, which helps you get to recently played games more quickly.

          Since most of the ground work for supporting non-user collections are already done as part of introducing Favorites Collection, it required much less work to add another non-user collection. For Recently Played collection, the main differences from Favorites Collection in terms of implementation are...

    • Distributions

      • Meet Karmbian, an ARM Linux Distro for Ethical Hackers Based on Kali Linux and Armbian

        Launched just a few days ago, Karmbian is a Kali Linux based distribution optimized for ARM devices, including single-board computers (SBC) like the Raspberry Pi and ROCK64, as well as ARM laptops like the PineBook Pro.

        Being based on Kali Linux (formerly BackTrack), you can imagine that the whole purpose of the Karmbian project is provide ARM fans with a light and complete GNU/Linux distribution for ethical hacking and penetration testing.

        Now you’ll ask yourselves, why not run Kali Linux directly on my ARM device? Well, the Karmbian explain that running Kali Linux on a SBC has not always been possible. That’s why Karmbian is also using the Armbian toolchain, a Debian and Ubuntu based computer operating system for ARM development boards.

      • SUSE/OpenSUSE

        • oneAPI compatibility with all openSUSE

          As leader of the openSUSE Innovator initiative, openSUSE member and official oneAPI innovator, I tested the new release of the tool on openSUSE Leap 15.1, 15.2 and Tumbleweed. With the total success of the work, I made available in the SDB an article on how to install this solution on the openSUSE platform. More information here: https://en.opensuse.org/SDB:Install_oneAPI.

          oneAPI is an Unified, Standards-Based Programming Model. Modern workload diversity necessitates the need for architectural diversity; no single architecture is best for every workload. XPUs, including CPUs, GPUs, FPGAs, and other accelerators, are required to extract high performance.

          This technology have the tools needed to deploy applications and solutions across these architectures. Its set of complementary toolkits—a base kit and specialty add-ons—simplify programming and help developers improve efficiency and innovation. The core Intel oneAPI DPC++ Compiler and libraries implement the oneAPI industry specifications available at https://www.oneapi.com/open-source/.

        • openSUSE Tumbleweed – Review of the week 2020/31

          Week 31 has seen a steady flow of snapshots. The biggest snapshot was 0721, for which we had to do a full rebuild due to changes in the krb5 package, that moved some files around. In order for all packages to keep up with this change, the full rebuild was needed. The week in total has seen 7 snapshots being published (0721, 0724, 0726, 0727, 0728, 0729 and 0730)

      • IBM/Red Hat/Fedora

        • Fully Homomorphic Encryption Comes To Linux

          IBM has extended support for its Fully Homomorphic Encryption (FHE) toolkit to include Linux distributions for IBM Z and x86 architectures. The move follows the launch a few weeks ago for MacOS and iOS, FHE provides a way to carry out computations on encrypted data without it needing to be decrypted.

          For normal encryption techniques, data can be encrypted at rest and in transit, but if you want to use it, it has to be decrypted, at which point it is exposed and vulnerable to attack. Fully Homomorphic Encryption avoids this problem by providing a way to work with the encrypted data.

      • Canonical/Ubuntu Family

        • Linux Mint Monthly News – July 2020

          I’d like to thank you all for your support. Donations are usually quite high after a release and Linux Mint 20 is no exception. We received 924 donations in a single month! That’s quite an impressive number and it makes us feel really proud, both as a project and a community.

          Linux Mint 20 was well received but it introduced new challenges, both as a release and an upgrade. We’ll be focused on tackling these challenges for the next two years as well as implementing exciting refinements and new features in the upcoming point releases. Some of these are already listed on our Trello boards and roadmaps. I’d rather talk about them once they’re implemented and ready to be shipped though. Hopefully this time next month we’ll be able to give you a preview of some of them.

          In last month’s feedback we noted some users would like Linux Mint to package Chromium. We also observed confusion and lack of empowerment when it comes to dealing with foreign packages during the upgrade. These are two areas we’re looking into at the moment.

          LMDE 4 received many updates lately, including the new features from Linux Mint 20 and Cinnamon 4.6.

          A study on the popularity of Linux Mint releases showed some interested results and comforted some of the perception we had of our user base.

        • Charmed OSM Release EIGHT available from Canonical

          Canonical is proud to announce the general availability of OSM release EIGHT images in it’s Charmed OSM distribution. As of Release SEVEN, OSM is able to orchestrate containerised network functions (CNFs) leveraging Kubernetes as the underlying infrastructure for next-generation 5G services. Release EIGHT follows the same direction and brings new features that allow for the orchestration of a broader range of network functions and production environments.

          Open Source MANO (OSM) Release EIGHT is the result of great community work in a project that drives the most complete open source network function virtualisation (NFV) orchestrator in the market.

        • Full Circle Magazine #159

          This month: * Command & Conquer * How-To : Python, Podcast Production, and Rawtherapee * Graphics : Inkscape * Graphics : Krita for Old Photos * Linux Loopback * Everyday Ubuntu * Ubports Touch * Review : Ubuntu Unity 20.04 * Ubuntu Games : Mable And The Wood plus: News, My Opinion, The Daily Waddle, Q&A, and more.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Ordering Browser Tabs Chronologically to Support Task Continuity

            Product teams working on Firefox at Mozilla have long been interested in helping people get things done, whether that’s completing homework for school, shopping for a pair of shoes, or doing one’s taxes. We are deeply invested in how we can support task continuity, the various steps that people take in getting things done, in our browser products. And we know that in our browsers, tabs play an important role for people carrying out tasks.

            [...]

            Fast forward to this year and the team working on Firefox for iOS was interested in how we might support task continuity involving leaving tabs open. We continued to see in user research the important role that tabs play in task continuity, and we wanted to explore how to make tab retrieval and overall tab management easier.

            In most web browsers on smartphones, tabs are ordered based on when a person first opened them, with the oldest tabs on one end of the interface (top, bottom, left, or right) and the newest tabs stacking to the opposite end of the interface. This ordering logic gets more complex if a new tab is prompted to open when someone taps on a link in an existing tab. A site may be designed to launch links in new tabs or a person may choose to open new tabs for links. The new tab, in that case, typically will open immediately next to the tab where the link was tapped, pushing all other later tabs toward the other end of the interface. All of this gets even trickier when managing more than just a few tabs. This brief demonstration illustrates tab ordering logic in Firefox for iOS before chronological tabs using the example of someone shopping for a good processor.

          • Tor’s Bug Smash Fund: Year Two!

            The Bug Smash Fund is back for its second year! In 2019, we launched Tor’s Bug Smash Fund to find and fix bugs in our software and conduct routine maintenance. Maintenance isn’t a flashy new feature, and that makes it less interesting to many traditional funders, but it’s what keeps the reliable stuff working--and with your support, we were able to close 77 tickets as a result.

            These bugs and issues ranged from maintenance on mechanisms for sending bridges via email and collecting metrics data to improving tor padding, testing, onion services, documentation, Tor Browser UX, and tooling for development. This work keeps Tor Browser, the Tor network, and the many tools that rely on Tor strong, safe, and running smoothly.

      • Productivity Software/LibreOffice/Calligra

        • 50 Open Badges awarded for top LibreOffice translators!

          A few months ago, we announced Open Badges for LibreOffice contributors. These are custom images with embedded metadata, awarded to our most active community members to say thanks for their great work!

          The metadata describes the contributor’s work, and the badge can be verified using an external service. Open Badges are used by other free software projects, such as Fedora.

      • Programming/Development

        • Call for Code Daily: tech for the disabled, chatbots, and the final push to submission close
        • Godot Release candidate: 3.2.3 RC 3

          Godot 3.2.2 was released on June 26 with over 3 months' worth of development, including many bugfixes and a handful of features. Some regressions were noticed after the release though, so we decided that Godot 3.2.3 would focus mainly on fixing those new bugs to ensure that all Godot users can have the most stable experience possible.

          Here's a third Release Candidate for the upcoming Godot 3.2.3 release. Please help us test it to ensure that no new regressions have slipped through code review and testing.

          Note: The previous 3.2.3 RC 2 was actually not built from the intended commit, and reflected the same changeset as RC 1. Tests made on RC 2 are still valid and useful, but did not help validate the very latest commits, hence this third release candidate. The changes new in this build are thus the ones made between RC 1 and RC 3.

        • What Is Fuzz Testing? A Guide.

          Not all software testing techniques have origin stories, but fuzz testing does: On a stormy evening in 1988, Barton Miller, a computer science professor at the University of Wisconsin-Madison, was using a dial-up connection to work remotely on a Unix computer from his apartment. He was attempting to feed input information into a computer program, only to see the program repeatedly crash.

          He knew that the electrical noise from the thunderstorm was distorting his inputs into the program as they traveled through the phone line. The distorted inputs were different from what the software needed from the user, resulting in errors. But as he describes in his book, Fuzzing for Software Security Testing and Quality Assurance, Miller was surprised that even programs he considered robust were crashing as a result of the unexpected input, instead of gracefully handling the error and asking for input again.

          [...]

          Miller’s concern about what he saw during his thunderstorm experience extended beyond the annoyance of having applications crash unexpectedly. Applications that are not able to handle unexpected input also pose security concerns. Errors that aren’t handled by the program are vulnerabilities that attackers can exploit to hack into systems.

          In fact, attackers often use fuzz testing tools to locate vulnerabilities in applications, according to Jared DeMott, the CEO of VDA Labs security testing company and the instructor of several Pluralsight courses on testing.

          “If you follow what we call a secure development lifecycle… fuzzing is one piece of the lifecycle that relates to the testing portion of it,” DeMott said.

        • [Old] Infinite scrolling on the web is complexity layered on top of complexity layered on top of complexity

          Does all that stuff sound hard? Sorry, but it’s worse.

        • Perl/Raku

          • New Tax Collection Tech Replaces 50-Year-Old System

            Fried said recent updates to the old system had fallen mainly to a single employee who had worked for the office for most of the five decades the system had been in place - and finding another programmer with similar skills would have been challenging. The old system used the COBOL programming language and a traditional mainframe computer, whereas the new system is cloud-based and can be managed entirely remotely.

        • Python

          • Why we open sourced our Python platform

            The team at Anvil recently open sourced the Anvil App Server, a runtime engine for hosting web apps built entirely in Python.

            The community reaction has been overwhelmingly positive, and we, at Anvil, have already incorporated lots of that feedback into our next release. But one of the questions we keep getting asked is, "Why did you choose to open source such a core part of your product?"

          • Python 3.8.5 : PyEphem astronomy library for Python - part 001.
          • Creating multiple windows in PyQt5/PySide2

            In an earlier tutorial we've already covered how to open dialog windows. These are special windows which (by default) grab the focus of the user, and run their own event loop, effectively blocking the execution of the rest of your app.

            However, quite often you will want to open a second window in an application, without interrupting the main window -- for example, to show the output of some long-running process, or display graphs or other visualizations. Alternatively, you may want to create an application that allows you to work on multiple documents at once, in their own windows.

            It's relatively straightforward to open new windows but there are a few things to keep in mind to make sure they work well. In this tutorial we'll step through how to create a new window, and how to show and hide external windows on demand.

          • Real Python Podcast Interview

            I am on the latest Real Python podcast where I talk about my ReportLab book, wxPython, and lots more.

            The podcast episode that I take part in is called Episode 20: Building PDFs in Python with ReportLab. Check it out and feel free to ask questions in the comments.

          • Real Python Episode 20: Building PDFs in Python with ReportLab

            Have you wanted to generate advanced reports as PDFs using Python? Maybe you want to build documents with tables, images, or fillable forms. This week on the show we have Mike Driscoll to talk about his book “ReportLab - PDF Processing with Python.”

            Mike is an author of multiple books about Python, and has recently re-written his Python 101 book. He is also a member of the Real Python team and has written several articles for the site. Along with our discussion about ReportLab and PDFs, Mike talks about being a self-published author. We also talk briefly about his favorite Python GUI framework.

          • Bring your Mycroft AI voice assistant skill to life with Python

            In the first two articles of this series on Mycroft, an open source, privacy-focused digital voice assistant, I covered the background behind voice assistants and some of Mycroft's core tenets. In Part 3, I started outlining the Python code required to provide some basic functionality to a skill that adds items to OurGroceries, a grocery list app. And in Part 4, I talked about the different types of intent parsers (and when to use each) and expanded the Python code so Mycroft could provide audible feedback while working through the skill.

            In this fifth article, I will walk through the remaining sections required to build this skill. I'll talk about project dependencies, logging output for debugging purposes, working with the Mycroft web UI for setting values (such as usernames and passwords), and how to get this information into your Python code.

          • PSF GSoC students blogs: Week 5 Blog Post
          • PSF GSoC students blogs: Week 8
  • Leftovers

    • To Walk With the Wind
    • The Tory 1000

      It is night, the type of bleak, starless night where one can make out the forms of great clouds, vast palls of blackness hovering over the London skyline like so much choking, toxic smog. Below, the river slashes through the sleeping city, a twisting gash of black-bubbling water, hissing with the corpses of the diseased and the dead, slowly putrefying in its darkness.

    • The Biography That Reimagined a Life—and the Genre

      In her introduction to the 1972 biography The True History of the First Mrs. Meredith and Other Lesser Lives, Vivian Gornick imagines its author, Diane Johnson, playing a board game. The people she writes about are pawns in her control; she can move them around the board however she likes. She might skip spaces and abruptly pull them into new settings or send them forward or backward in time: “Any persona might be moved to a position on the board that might increase or decrease their point value and send the story spinning,” Gornick writes. Johnson is also the one who assembled the board. The result, Gornick says, is one of the most unusual, eccentric biographies she has ever read.

    • Science

      • Think Cancel Culture Doesn’t Exist? My Own ‘Lived Experience’ Says Otherwise

        This isn’t the first time I’ve alluded publicly to my ordeal. I’ve spoken about it on Twitter and various podcasts. But the ongoing effort to deny cancel culture’s existence has convinced me that I need to lay out my own experience in a more systematic way.

        In 2008, I decided to pursue a career as an academic biologist. Science in general, and evolutionary biology in particular, had been a passion from a young age. Even as an undergraduate, I maintained a blog that I used to debunk pseudoscience, and critique creationism and Intelligent Design. I was outspoken, and sometimes launched headlong into debates with Christian conservatives. Creationists and IDers frequently told me I was wrong or stupid, but my critics never called me a bigot.

        This changed, however, when I started graduate school in 2013. This was an environment where I didn’t have to worry about right-wing creationists. Rather, the pseudoscience I observed was coming from the other side of the political spectrum—especially in the form of “Blank Slate” proponents who argued (falsely) that sex differences in human personality, preferences, and behavior are entirely the result of socialization.

    • Education

      • University App Mandates Are The Wrong Call

        As students, parents, and schools prepare the new school year, universities are considering ways to make returning to campus safer. Some are considering and even mandating that students install COVID-related technology on their personal devices, but this is the wrong call. Exposure notification apps, quarantine enforcement programs, and similar new technologies are untested and unproven, and mandating them risks exacerbating existing inequalities in access to technology and education. Schools must remove any such mandates from student agreements or commitments, and further should pledge not to mandate installation of any technology.

        Even worse, many schools—including Indiana University, UMass Amherst, and University of New Hampshire—are requiring students to make a general blanket commitment to installing an€  unspecified tracking app of the university’s choosing in the future. This gives students no opportunity to assess or engage with the privacy practices or other characteristics of this technology. This is important because not all COVID exposure notification and contact tracing apps, for example, are the same. For instance, Utah's Healthy Together app until recently collected not only Bluetooth proximity data but also GPS location data, an unnecessary privacy intrusion that was later rolled back. Google and Apple’s framework for exposure notification based on Bluetooth is more privacy-protective than a GPS-based solution, but the decision to install it or any other app must still be in the hands of the individuals affected.

      • Prosecutors Say They Support Releasing Girl Who Was Detained for Not Doing Her Schoolwork

        The Oakland County prosecutor’s office has told the Michigan Court of Appeals that it supports the release of a 15-year-old high school student who has been in a juvenile facility since May when she violated probation by not completing her schoolwork.

        The response from Prosecutor Jessica Cooper’s office on Wednesday came after an attorney for the Michigan teenager, known as Grace,* asked the Michigan appellate court on Monday to hear the case on an emergency basis and order her released immediately from the facility where she has been held since May 14. Cooper is up for reelection in a primary next week.

      • If We Reopen Schools, We Admit That Community Safety Is Not Our Priority

        A simple family moment this week revealed to me how thoroughly unprepared this country is to send its children back to school while COVID-19 still rages unchecked across the land. I needed little convincing before this happened, but afterward, I was surer than ever that calamity and failure awaits us if we swing the school doors open next month.

    • Hardware

      • BCM MX4305UE Industrial Mini-ITX Motherboard Features Intel Celeron 4305UE Processor

        The board supports both Windows 10 and Linux distributions.

      • Apollo Lake industrial mini-PC supports Linux

        Vecow’s Linux-ready, -40 to 75€°C tolerant “SPC-4010C” industrial mini-PC is built around a dual-core Apollo Lake SoC with up to 8GB RAM, 2x GbE, SATA, HDMI, 4x USB, and 2x mini-PCIe with SIM card and mSATA.

        Vecow announced a minor revision to its Apollo Lake based SPC-4010 mini-PC called the SPC-4010C. If you already know about the SPC-4010, all you need to do is read the following paragraph. However, if like us, you are new to the SPC-4000 series, you may be interested in joining us for a brief tour of all six Apollo Lake based SPC-4000 models below. The fanless systems supports Linux and Win 10 for machine vision, robot control, infotainment, factory automation, intelligent control, and other compact AIoT applications.

    • Health/Nutrition

      • A Lethal Hypocrisy

        Late last week Donald Trump and the Republican Party he leads pulled the plug on their national convention in Jacksonville, Florida. It was supposed to be an extravaganza of praise and adoration for the president, papering over the harsh reality that he has failed the nation in the face of mounting calamities. Yet, while cancelling their convention because€ the coronavirus pandemic is raging out of control, they’re demanding that schools reopen full time and are willing to expose the nation’s children to the risk of nearly certain disease and death they are unwilling to take. Republicans, hypocrisy, lethal hypocrisy, is thy name.

      • Coalition of Over 500 Faith Leaders Demand Utility Shutoff Moratorium During Pandemic

        "As moral leaders, we join with people coming together to demand that our basic human needs are met."

      • It Only Took A Massive Pandemic For Hollywood To Ease Off Stupid, Dated Movie Release Windows

        Among the dated and dumb business concepts exposed as folly during the pandemic is the traditional Hollywood film release window, which typically involves a 90 day gap between the time a move appears in theaters and its streaming or DVD release (in France this window is even more ridiculous at three years). The goal is usually to "protect the traditional film industry," though it's never been entirely clear why you'd protect traditional theaters at the cost of common sense, consumer demand, and a more efficient model. Just because?

      • Trump’s October Surprise: A Vaccine for Covid-19?

        The time it takes to develop an effective vaccine is ordinarily denominated in years. For some pathogens, like HIV, a vaccine has proven to be elusive after almost four decades. Yet President Donald Trump clearly expects a vaccine against SARS-Cov-2 (the virus that causes the disease Covid-19) to be available this year. Even some scientists, such as Dr. Anthony S. Fauci, director of the National Institute of Allergy and Infectious Diseases, only hedge a bit, pushing the window of availability into early 2021. There has been enormous hype about the candidate products in the pipeline, with almost a billion dollars in federal money flowing to the maker of one of the widely touted vaccines, the biotech company Moderna, which has never brought a product to market, while the chief medical and financial officers of the firm have made tens of millions from trading in options on the company’s stock. With the nation’s response to Covid-19 an utter failure, the hopes of many have been redirected to the promise of a vaccine that will arrive like a Christmas present, neatly wrapped and tied with a glistening bow. No one wants to wake up Christmas morning to see nothing under the tree for them.

      • The Clock Is Ticking: 5 Key Demands for the New Coronavirus Bill

        This bill is perhaps our only chance to get COVID-19 under control, Americans fed, and the economy back up and running.

      • Chomsky on Cuba’s “Internationalist” Response to Pandemic & Need to Make Vaccine Globally Accessible

        As the world races to develop a COVID-19 vaccine, Noam Chomsky says any successful treatment must be accessible to everyone, and he warns that President Trump’s withdrawal from the World Health Organization will hamper the international body’s efforts to distribute medicine in countries racked by poverty and war. “There’s at least one country in the world that is showing genuine internationalism, providing medical aid and support for people that need it,” Chomsky says, and that is Cuba.

      • ‘Even In a Pandemic, We’re Still a Minority’

        The borders of our world not only cut across international boundaries; they also increasingly stretch deeply into the interior of nations—into our homes, cities, communities, courts, and everyday interactions. Citizenship status, visa status, vulnerability to deportation—these are just a few of the dividing lines increasingly separating our country into different communities with starkly different options for how or if its members become full participants in our national experiment.

      • Noam Chomsky: Decades of “the Neoliberal Plague” Left U.S. Unprepared for COVID-19 Outbreak

        As the U.S. coronavirus death toll tops 150,000, we spend the hour with world-renowned political dissident, linguist and author Noam Chomsky, who says decades of neoliberal policies that shredded the social safety net and public institutions left the country ill-prepared for a major health crisis. “We should understand the roots of this pandemic,” he says.

      • Media Cover for US Clients’ Covid Catastrophes in Peru, Ecuador and Chile

        Back in March, when coronavirus cases were beginning to surge in the US and in South American allies such as Brazil and Ecuador, Washington was busy raising the alarm about the “expansion of Covid-19 pandemic in the region, if not globally, if Venezuela… fails to address it.” Venezuela was reporting under 150 cases at the time.

      • Disinformation Campaigns Are Murky Blends Of Truth, Lies And Sincere Beliefs: Lessons From The Pandemic

        The COVID-19 pandemic has spawned an infodemic, a vast and complicated mix of information, misinformation and disinformation.

      • “It Cost Me Everything”: In Texas, COVID-19 Takes a Devastating Toll on Hispanic Residents

        HOUSTON — Two weeks after Valery Martinez’s 41-year-old cousin was rushed to a hospital with severe symptoms of COVID-19, Martinez wrote a post on Facebook, thanking the doctors and nurses at Memorial Hermann Southeast Hospital in Houston who were working to save him.

        “You are the real heroes putting your life on the line in this difficult time,” Martinez wrote. “May God continue to cover and protect you and your families.”

      • Herman Cain Dies of COVID-19

        Herman Cain, a pizza business magnate who unsuccessfully ran for the 2012 Republican Party nomination for president, has died Thursday due to complications from coronavirus.

      • 'I Ran 22 Miles In A Mask To Show They Are Safe'

        But as more stories about my run appeared on social media, the murkier side of the [I]nternet started to show. It was almost like a switch had been flicked—I was accused of being a government shill, deliberately using a substandard mask with breathing gaps, and it was said that I was not a doctor but a professional athlete brought in to encourage "compliance" from the public.

      • New Study Shows Kids Are COVID Spreaders, Too

        Coronavirus testing performed in Chicago in March and April shows that children and teens tend to have as much virus in their nasal passages as adults, according to a research letter published online July 30 in JAMA Pediatrics.

        In fact, children younger than 5 carried the highest viral loads, the researchers reported.

      • Age-Related Differences in Nasopharyngeal Severe Acute Respiratory Syndrome Coronavirus 2 (SARS-CoV-2) Levels in Patients With Mild to Moderate Coronavirus Disease 2019 (COVID-19)

        Children are susceptible to infection with severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) but generally present with mild symptoms compared with adults.1 Children drive spread of respiratory and gastrointestinal illnesses in the population,2 but data on children as sources of SARS-CoV-2 spread are sparse.

      • The first dog in the US to test positive for COVID-19 has died

        Buddy initially displayed symptoms of COVID-19 in April. He struggled to breathe, became lethargic and lost weight, according to an exclusive report from National Geographic.

      • Coronavirus: Manchester lockdown rules cause 'confusion and distress'

        A statement released by the Greater Manchester Combined Authority (GMCA), in partnership with council leaders, on Friday said the timing and content of the announcement "has caused confusion and distress for our residents".

        It is "strongly recommended" that in the future "full supporting details should be available to the public at the moment any public or media statement is made", the GMCA said.

        Greater Manchester leaders also claimed they are not convinced that including gardens in the restrictions, which will be reviewed weekly, is "a proportionate measure".

        "We therefore call on the government to provide further evidence or amend the regulations," a GMCA spokesperson added.

        Further support for hospitality businesses that have recently opened as well as those who have been shielding is needed as well, the GMCA said.

    • Integrity/Availability

      • GRUB2 UEFI SecureBoot vulnerability - 'BootHole'



        UEFI Secure Boot (SB) is a verification mechanism for ensuring that code launched by a computer's UEFI firmware is trusted. It is designed to protect a system against malicious code being loaded and executed early in the boot process, before the operating system has been loaded.

        SB works using cryptographic checksums and signatures. Each program that is loaded by the firmware includes a signature and a checksum, and before allowing execution the firmware will verify that the program is trusted by validating the checksum and the signature. When SB is enabled on a system, any attempt to execute an untrusted program will not be allowed. This stops unexpected / unauthorised code from running in the UEFI environment.

        Most x86 hardware comes from the factory pre-loaded with Microsoft keys. This means the firmware on these systems will trust binaries that are signed by Microsoft. Most modern systems will ship with SB enabled - they will not run any unsigned code by default, but it is possible to change the firmware configuration to either disable SB or to enrol extra signing keys.

        Debian, like many other Linux-based operating systems, uses a program called shim to extend that trust from the firmware to the other programs that we need to be secured during early boot: the GRUB2 bootloader, the Linux kernel and firmware update tools (fwupd and fwupdate).

      • [Old] Delaware drops internet-based voting system used by some absentee voters amid security concerns

        They found the system vulnerable to vote manipulation by malware on the voter’s device and by “insiders” or other attackers that might compromise Democracy Live, Amazon, Google, or Cloudflare— third party entities involved in the system.

        They also found concerns with voter data privacy. Democracy Live receives sensitive personal information, such as the voter’s identity, ballot selections and browser fingerprint, which the researchers argue could be used to target political ads or disinformation campaigns. This data is collected when voters mark their ballots digitally in the system, regardless of whether they return them through the system or by mail, email or fax, which OmniBallot also allows.

      • Proprietary

        • Microsoft’s Edge browser is crashing if you have Google set as default search

          Microsoft’s new Edge browser started randomly crashing when users typed into the address bar tonight. The issues appear to have affected Edge users who have selected Google as the default search engine. Microsoft investigated the problem and now says it’s believed to have been resolved.

          Microsoft recommends turning off Search Suggestions in edge://settings/search. The Verge has tested this workaround and it solves the problem if you have Google set as your default search engine.

        • Pseudo-Open Source

          • Openwashing

            • Does Your Organization Need an Open Source Program Office?

              Every modern enterprise uses some open source software, or at the very least uses software that has open-source components. In an enterprise setting, the number of different open source projects an organization might use could easily be in the hundreds of thousands, and there could also easily be just as many engineers using those open source projects.

              While the reality is that enterprises use open source software, open source communities have a completely different culture — one focused on collaboration in a way that is foreign to most standard business environments.

              “As a business, it’s a culture change,” explained Jeff McAffer, who ran Microsoft’s Open Source Program Office for years and now is a director of product at GitHub focused on promoting open source in enterprises. “Many companies, they’re not used to collaboration. They’re not used to engaging with teams outside of their company.”

              What exactly are Open Source Program Offices (OSPOs)? What do they do, who needs them and why? We spoke with a couple of people who lead open source program offices to learn more.

        • Security

          • X.org security fixes address potential ASLR bypass, heap corruption

            The X.Org project has announced two security advisories that impact Xserver and libX11. The first advisory for X server is regarding uninitialized memory in AllocatePixmap() that could lead to address space layout randomization bypass. The second, impacting libX11, is a heap corruption caused by integer overflows and signed/unsigned comparisons.

          • Reproducible Builds (diffoscope): diffoscope 154 released

            The diffoscope maintainers are pleased to announce the release of diffoscope version 154. This version includes the following changes:

            [ Chris Lamb ]
            
            

            * Add support for F2FS filesystems. (Closes: reproducible-builds/diffoscope#207) * Allow "--profile" as a synonym for "--profile=-". * Add an add_comment helper method so don't mess with our _comments list directly. * Add missing bullet point in a previous changelog entry. * Use "human-readable" over unhyphenated version. * Add a bit more debugging around launching guestfs. * Profile the launch of guestfs filesystems. * Correct adding a comment when we cannot extract a filesystem due to missing guestfs module.
          • BootHole fixes causing boot problems across multiple Linux distros
          • Red Hat Security Update Renders Systems Unbootable

            Update, shared by PAjamian: Red Hat is now recommending that users do not apply grub2, fwupd, fwupdate or shim updates until new packages are available.

          • Red Hat and CentOS systems aren’t booting due to BootHole patches

            Early this morning, an urgent bug showed up at Red Hat's bugzilla bug tracker—a user discovered that the RHSA_2020:3216 grub2 security update and RHSA-2020:3218 kernel security update rendered an RHEL 8.2 system unbootable. The bug was reported as reproducible on any clean minimal install of Red Hat Enterprise Linux 8.2.

          • Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

            CVE-2020-10713, named “BootHole” by the researchers who discovered it, can be used to install persistent and stealthy bootkits or malicious bootloaders that will operate even when the Secure Boot protection mechanism is enabled and functioning.

            “The vulnerability affects systems using Secure Boot, even if they are not using GRUB2. Almost all signed versions of GRUB2 are vulnerable, meaning virtually every Linux distribution is affected,” the researchers explained.

            “In addition, GRUB2 supports other operating systems, kernels and hypervisors such as Xen. The problem also extends to any Windows device that uses Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority. Thus the majority of laptops, desktops, servers and workstations are affected, as well as network appliances and other special purpose equipment used in industrial, healthcare, financial and other industries. This vulnerability makes these devices susceptible to attackers such as the threat actors recently discovered using malicious UEFI bootloaders.”

            The researchers have done a good job explaining in detail why the why, where and how of the vulnerability, and so did Kelly Shortridge, the VP of Product Management and Product Strategy at Capsule8. The problem effectively lies in the fact that a GRUB2 configuration file can be modified by attackers to make sure that their own malicious code runs before the OS is loaded.

          • Security updates for Friday

            Security updates have been issued by Debian (grub2 and mercurial), Fedora (chromium, firefox, and freerdp), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox, grub2, and kernel), and SUSE (ghostscript and targetcli-fb).

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • Privacy/Surveillance

            • Australian Tech Giant Says Country's Anti-Encryption Laws Are Harming Local Tech Companies

              The Australian government rang in 2019 by saddling the nation's tech companies with compelled decryption mandates. The new law gave the government the power to demand technical assistance to access any data or communications sought by law enforcement or security agencies. Sure, "case-by-case" solutions might work for awhile, but sooner or later, built-in backdoors would expedite things for both the government and their compellees.

            • Big Google and Facebook are Watching You!

              Today, the Internet is everywhere. Well over half of the planet’s entire population either likes to be on the Internet or has to rely on the web for business, work, and social engagement. People read the news, send notes to loved ones, birthday cards, do their job – increasingly via Skype and Zoom. Others seek answers to an urgent question. More than four billion people see the Internet as central to the way how they communicate, learn, study, go shopping, participate in the business, and organise themselves socially as well as politically.

            • Twitter’s algorithm does not seem to silence conservatives

              Then from September to December we checked every ten minutes if Mr Trump had tweeted something. If so, three things happened. First, our clone repeated the tweet. Second, we checked its Twitter feed and recorded the first 24 posts served by the algorithm. Finally, we simulated what a chronological feed might have looked like, using the 24 most recent tweets by accounts that Mr Trump follows.

              Our algorithmic and chronological feeds differed starkly. Nearly half the recommended tweets were from users whom Mr Trump does not follow. Using sentiment-analysis tools to extract feelings from text, we found the average curated tweet was more emotive, on every scale, than its chronological equivalent—and more so than Mr Trump’s own posts, too.

    • Defence/Aggression

      • Because Going to War 'Is Not a Game,' Lawmakers Urged to Vote for AOC's Ban Military Recruiting on Twitch

        "Children should not be targeted."

      • An Attack on Edward Said’s Legacy

        I traveled to Israel and the Occupied Territories in the early 2000s with the progressive group Faculty for Israeli-Palestinian Peace. We made an effort to gain insight into most of the players in the conflict, and so a series of interviews was arranged with members of the Israeli right wing. I remember that one of them was Caroline Glick, an ardent American-Israeli Zionist. She lectured us on the positive personal relationships allegedly prevalent between Israeli Jews and Palestinians.

      • We Don't Need Trump's Thugs in Chicago

        “Hitler had his Brown shirts and Mussolini had his Black shirts, now Donald Trump has his camouflage shirts.” Thus began a statement signed by 15 distinguished interdenominational religious leaders in Chicago that I joined, including ministers, priests, and rabbis.

      • What's Going on in Portland

        I have been a resident of Portland, Oregon since 2007. So I have been hearing from more people than usual lately, all asking the same question: what’s going on in Portland?

      • How Bad is the 2021 National Defense Authorization Act?

        Somehow, Congress couldn’t find the time last week to renew extended unemployment benefits or the federal moratorium on evictions. Congress had something more pressing to think about than 30 million unemployed Americans: the Pentagon budget. On July 21 and 23, the House of Representatives and the Senate approved their versions of the Pentagon’s annual spending bill, the National Defense Authorization Act. To paraphrase Douglas Adams’ comment about the universe, the National Defense Authorization Act for Fiscal Year 2021 is big. Really big. Weighing in at $740.5 billion, the NDAA for FY 2021 casts its Brobdingnagian shadow over the military budgets of the next eleven countries combined.

      • Trump's Properties Are a Playground for White Nationalists, Far Right Extremists

        Conspiracy theorists, alt-right memers and prominent white nationalists have frequently appeared at properties owned by President Trump, where they’ve hosted gatherings, mingled with officials and spent money, according to research obtained by Salon.

      • The Gulf War, 30 Years and Counting
      • What Would It Take to Avert Military Escalation With China in the South China Sea?

        One after another, the Department of Defense has been sending its most advanced and threatening weapons into the South China Sea as part of a concerted drive to remind China of America’s superior combat power.

      • Chomsky on Israel’s Hindering of Palestinian Pandemic Response & Threat to Annex Occupied West Bank

        Noam Chomsky says Israel’s planned annexation of the occupied West Bank “basically formalizes” what has already been official policy over the last half-century, from both left-wing and right-wing parties in Israel. He compares Israel’s treatment of Palestinians to anti-immigrant policies in the United States, and says the main goal of annexation is to take over as much territory while excluding its Palestinian inhabitants. “Israel does not want to bring Palestinian populations into the greater Israel they’re constructing.”

      • ‘Trump’s Troops Are Breaking the Law and Creating Chaos’

        Janine Jackson interviewed legal scholar Marjorie Cohn about secret police in Portland for the July 24, 2020, episode of CounterSpin. This is a lightly edited transcript.

      • New York Grand Jury Indicts Two Former Leaders of Mexico’s Drug War for Cartel Connections

        A New York grand jury on Thursday indicted two former leaders of the Mexican federal police force, including one who oversaw the anti-narcotics units that were specially vetted by the U.S. Drug Enforcement Administration and were linked to two brazen massacres in Mexico that left dozens, possibly hundreds, of people dead and missing.

        The indictments marked a stunning fall from grace for Ramón Pequeño García and Luis Cárdenas Palomino, who had been celebrated by U.S. national security and diplomatic officials as trusted partners in the fight against Mexican drug cartels.

      • How Covid-19 Could Upend Geopolitics

        I don’t trust you.

      • US Bases in Qatar, UAE Go on Alert as Iran Fires Ballistic Missiles at Mock-Up of US Aircraft Carrier

        A real potential to spiral out of control into a hot war.

      • With Trump donor in charge, Postal Service may shut locations and cut service before Election Day

        Cutting service and shuttering locations are both under consideration by the U.S. Postal Service as the agency faces a cash crunch ahead of an expected surge in mail-in voting due to the coronavirus pandemic, according to a sitting U.S. senator and numerous postal worker union officials.

      • Lawmakers Warn New USPS Loan Terms "Could Accelerate Demise of Postal Service"

        Leading congressional Democrats are warning that an emergency loan agreement announced Wednesday by Treasury Secretary Steve Mnuchin and new Postmaster General Louis DeJoy — a major donor to President Donald Trump and the GOP — could “accelerate the demise of the Postal Service” by giving the administration unprecedented access to the popular agency’s internal operations.

      • Lawmakers Warn 'Onerous' New USPS Loan Terms Imposed by Mnuchin 'Could Accelerate Demise of Postal Service'

        "Mnuchin and the leadership of the U.S. Postal Service appear to be exploiting this public health pandemic to hold the Postal Service to unreasonable loan terms without even consulting Congress."

      • Trump's new postmaster general could corrupt a key institution ahead of Election Day

        Throughout his presidency, Donald Trump has attacked democratic institutions and undermined independent agencies. Now, as millions of voters are relying on the Postal Service to support our elections during the coronavirus pandemic, Trump is politicizing another once-nonpartisan government agency. Having a political ally with ethical and competence questions like DeJoy lead the agency potentially puts November's election at risk.

      • Libyan returns, Darfur emergency, and a pared-back pilgrimage: The Cheat Sheet

        The extreme dangers for migrants and refugees trying to reach Europe via north Africa and the Central Mediterranean were underlined this week. Libyan authorities shot dead three Sudanese asylum seekers on 27 July as they attempted to flee after being intercepted at sea and returned to the country by the EU-backed Libyan Coast Guard. And in two separate incidents, boats carrying close to 100 asylum seekers and migrants were left to drift for more than a day as both Libyan and Maltese authorities failed to respond to distress calls – a recurring pattern since the onset of the coronavirus pandemic. After a private merchant vessel also refused to help one of the stranded boats, Maltese authorities eventually rescued one and the Italian Coast Guard the other. At least 232 people are known to have died or gone missing in the Central Mediterranean so far this year, although the true number is almost certainly higher. Meanwhile, at least 1,750 people died – many of them in Libya – between 2018 and 2019 while undertaking journeys from East and West Africa to the Mediterranean coast, making the migration route one of the deadliest in the world, according to a new report from the UN’s refugee agency and the Danish Refugee Council. Keep an eye out for upcoming TNH articles on the surge in disappearances of people returned to Libya and on the fledgling legal bids to sue the EU for assisting human rights abuses in the country.

    • Transparency/Investigative Reporting

      • Celebrating National Whistleblower Appreciation Day, Despite All Its Contradictions

        On July 30, 2013, United States Army whistleblower Chelsea Manning was convicted of violating the Espionage Act and various other offenses.

        It was National Whistleblower Appreciation Day, and though she was not found guilty of “aiding the enemy,” the verdict in her trial crystallized a contradiction among the political establishment. Officials profess a commitment to whistleblowers except when they blow the whistle on abuse, fraud, or corruption that they have a vested interest in defending.

    • Environment

      • 'Choose the People': Greenpeace Targets Vulnerable GOP Senators With Demand to Pass Urgently Needed Covid-19 Relief

        "We are calling on these senators to do their job. Now is the time for bold action from our elected officials."

      • Climate change 'driving UK's extreme weather'

        It shows that UK temperatures in 2019 were 1.1€° C above the 1961-1990 long-term average.

      • How to Bring About Catastrophic Success in the Face of Climate Change

        By decolonizing the atmosphere and making climate reparations, Eric Holthaus shows just how hopeful the next 30 years could€ be.

      • Mainstream News Prioritises Big Business and Opponents of Climate Action – Study

        “I wanted to specifically look at which interest groups get a say in this debate, what voices are dominating the national conversation about climate change, and how is that reflected in media coverage,” study author Rachel Wetts, Assistant Professor of Environment and Society and Sociology at Brown University, told€ DeSmog.

      • Energy

        • Moore’s Law of Entropy: Greens, Greenbacks, and Green Energy

          For those of us who grew up watching Charlton Heston films, we can recall enactments of heroic courage, both in the early development and later downward decline of human civilization. Heston gave us a magnificent Moses in The Ten Commandments (1956), returning all scraggly from the wilderness, like some people I knew in the Sixties returning from poetry communes, holding up that Decalogue in revolutionary resistance to the gold lust of Baal. He refused to be a slave in Ben Hur (1959). He gave us a Live Free or Die kind of ethos. No debt slavery, no bondage of any kind.

        • With Dirty Energy Sector Crashing, Nearly 70 Groups Urge Fed to Stop Buying Up Wasteful Fossil Fuel Industry Debt

          "The Fed needs to reduce systemic risk during this health and economic crisis and stop boosting the industry driving climate devastation."

        • Waste plastic cascade could triple in 20 years

          In a throwaway world, some discards are forever. New research measures the crisis of the world’s waste plastic.

        • As Trump Leaves Permian Oilfield, Industry Insiders Question If 2020 Bust Marks Texas Oil's Last Big Boom

          The west Texas Mr. Trump left behind bears little resemblance to the region as it was when he first took office in January 2017, as the shale rush resumed following 2016’s oil price€ plunge.

        • Democracy on Hold

          At the beginning of the year, I put together a project called The Ballot to try to track every election in 2020. I wanted to have writers comment on elections in their countries as Americans glued themselves to the horse racing leading up to ours. We didn’t realize how many of those elections would end up delayed or canceled.

          In mid-March our journalists started writing in to say that elections were being put off, even in places where there were few cases of coronavirus. This first happened in North Macedonia—a snap parliamentary election that would have centered on possible EU membership and the country’s recent name change. Then in Ethiopia, where an election would have tested Prime Minister Abiy Ahmed’s promise of reform.

          About sixty countries now have delayed elections because of COVID-19, according to the International Foundation for Electoral Systems. These delays prolong authoritarian regimes in countries like Bolivia, where interim president Jeanine Áñez has used the pandemic to extend her power and clamp down on protesters. In Poland, the ruling Law and Justice Party tried to hold a possibly illegal vote-by-mail election and has now delayed the ballot. For years, pundits have talked about a decline in democracy, but now in many countries people literally can’t vote.

          Voters around the world are being deprived in an unprecedented way of the chance to express themselves. In many places the deferred elections are local ones, like in England, where municipal elections have been delayed for a year. Even in those cases, however, voters cannot use down-ballot races to express their dissatisfaction with the political party running the country—say, for example, over a deadly policy of “herd immunity.” And the disruption in countries like Ethiopia and Poland is taking place on a national level.

          Some elections may be rescheduled later in the summer. But even then no one knows: how do you vote safely in a pandemic? These deferrals come at a time of aching unemployment, staggering job loss, and rapidly increasing poverty. Even in instances where elections may not be as consequential, the implication is that people are powerless not only against the virus but against any response to it.

      • Wildlife/Nature

    • Finance

      • Here’s How We Remake the Economy

        The Fed's crisis response exposes the faulty logic of moralizing, pro-austerity politicians and economists.

      • Moderna Shows All Those Lazy Unemployed Workers How to Really Rip Off the Government

        Moderna, a relatively new biotech company, has generally been seen as the leading U.S. contender to develop a coronavirus vaccine, although it trails several Chinese companies. Whether or not its vaccine pans out, it should certainly get an award for milking the government.

      • Ocasio-Cortez Amendment Takes Aim at 'Racist, Classist' Attack on Fair Housing by Trump

        "We must hinder President Trump's efforts to segregate communities and to discriminate against Black and Brown homeowners and renters."

      • Who Profits From Trump Administration's $6 Billion Vaccine Program?

        As researchers around the world race to find a vaccine for COVID-19, we speak with Peter Maybarduk, director of Public Citizen’s Access to Medicines Program, about who is profiting from government efforts to fund vaccines, testing and treatment. The Trump administration has announced major contracts with pharmaceutical companies as part of its $6 billion program, Operation Warp Speed, including with firms that have never brought a vaccine to market. Meanwhile, a New York Times investigation shows corporate insiders from at least 11 companies working on coronavirus research have sold shares worth more than $1 billion since March. “The problem is that the companies, the executives, the hedge funds are feeding on people’s hope and desperation, and it only takes a little bit of positive news to send stocks soaring,” says Maybarduk. Public Citizen recently released a database that tracks the billions of taxpayer dollars supporting COVID-19 research.

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • The PACT Act Is Not The Solution To The Problem Of Harmful Online Content

        The Senate Commerce Committee’s Tuesday hearing on the PACT Act and Section 230 was a refreshingly substantive bipartisan discussion about the thorny issues related to how online platforms moderate user content, and to what extent these companies should be held liable for harmful user content.

        The hearing brought into focus several real and significant problems that Congress should continue to consider. It also showed that, whatever its good intentions, the PACT Act in its current form does not address those problems, much less deal with how to lessen the power of the handful of major online services we all rely on to connect with each other.

      • New Hampshire Supreme Court Issues Very Weird Ruling Regarding Section 230

        In New Hampshire, Facebook has been dealing with a pro se lawsuit from the operator of a cafe, whose Instagram account was deleted for some sort of terms of service violation (it is never made clear what the violation was, and that seems to be part of the complaint). The Teatotaller cafe in Somerset, New Hampshire, apparently had and lost an Instagram account. The cafe's owner, Emmett Soldati first went to a small claims court, arguing that this violated his "contract" with Instagram, and cost his cafe revenue. There are all sorts of problems with that, starting with the fact that Instagram's terms of service, like every such site, say they can remove you for basically any reason, and specifically says:

      • Turkey's New Internet Law Is the Worst Version of Germany's NetzDG Yet

        For years, free speech and press freedoms have been under attack in Turkey. The country has the distinction of being the world’s largest jailer of journalists and has€ in recent years been€ cracking down on online speech.€ Now, a new law, passed by the Turkish Parliament on the 29th of July, introduces sweeping new powers and takes the country another giant step towards further censoring speech online. The law was ushered through parliament quickly and without allowing for opposition or stakeholder inputs and aims for complete control over social media platforms and the speech they host. The bill was introduced after a series of allegedly insulting tweets aimed at President Erdogan’s daughter and son-in-law and ostensibly aims to eradicate hate speech and harassment online. Turkish lawyer and€ Vice President of Ankara Bar Association IT, Technology & Law Council GülÅŸah Deniz-Atalar called the law "an attempt to initiate censorship to erase social memory on digital spaces."

        Once ratified by President Erdogan, the law would mandate social media platforms with more than a million daily users to appoint a local representative in Turkey, which activists are concerned will enable the government to conduct even more censorship and surveillance. Failure to do so could result in advertisement bans, steep penalty fees, and, most troublingly, bandwidth reductions. Shockingly, the legislation introduces new powers for Courts to order Internet providers to throttle social media platforms’ bandwidth by up to 90%, practically blocking access to those sites. Local representatives would be tasked with responding to government requests to block or take down content. The law foresees that companies would be required to remove content that allegedly violates “personal rights” and the “privacy of personal life” within 48 hours of receiving a court order or face heavy fines. It also includes provisions that would require social media platforms to store users’ data locally, prompting fears that providers would be obliged to transmit those data to the authorities, which experts expect to aggravate the already rampant self-censorship of Turkish social media users.€ 

      • Hong Kong’s academics are being isolated in more ways than one

        One of the four main offences set out in the law, for which penalties include life imprisonment, is “collusion with a foreign country or with external elements to endanger national security”. Of course, universities today have to prioritise international collaborations. Yet the precise nature of “collusion and of “external elements” is so vague that most academics will surely think twice before getting openly involved in projects in fields such as security, international relations, politics and even arts and humanities.

      • Facebook, Google Told They Must Pay Australia Media For News

        Australia’s government has ordered Facebook Inc. and Alphabet Inc.’s Google to share revenue generated from news articles, adding to growing global regulatory and political pushback against the digital giants.

        The two companies will have to negotiate with traditional media on remuneration in good faith, Treasurer Josh Frydenberg said Friday. If no agreement is reached, there will be a binding arbitration process and penalties for breaching the code of up to A$10 million ($7 million) or 10% of local revenue.

    • Freedom of Information/Freedom of the Press

      • Portland Journalists Ask For Sanctions As Federal Agents Continue To Assault Reporters And Legal Observers

        Protests related to the killing of George Floyd by Minneapolis police officer Derek Chauvin have passed the two-month mark in Portland, Oregon. In response to unfettered liberalism, the Trump administration has sent in the troops. Officers from ICE, CBP, US Marshals Service, and other federal agencies flooded into Portland with the ostensible aim of protecting federal property, like the courthouse targeted by protesters.

      • How the DHS Can Still Arrest Journalists in Portland

        While the existing restraining order does mandate several restrictions, there were qualifications—which the DHS’s legal guidance appears keen to stress. For example, while the court order forbids the DHS from using crowd control devices like tear gas against journalists and legal observers—like members of the National Lawyers Guild or ACLU present to act as independent monitors—it provides an exemption for “incidental exposure.”

        “If a journalist or legal observer is incidentally exposed to crowd-control devices after remaining in the area, you will not [be] held liable,” the DHS document states [emphasis in original]. “Incidentally means that the journalists or legal observers, while not the target of the crowd-control devices, still end up being exposed to the crowd-control devices because of where they are located.”

    • Civil Rights/Policing

      • Centering the Earth

        Something remarkable is happening in the US in 2020 in terms of public awareness of race.

      • Appeals Court Says Sheriff Thomas Dart Must Face Lawsuit Over His Violation Of Arrestees' Rights

        Cook County (IL) Sheriff Tom Dart doesn't appear to know much about the First Amendment. He also doesn't understand Section 230. The grandstanding sheriff has graced Techdirt's page multiple times for suing online marketplaces and strong-arming payment companies in a severely misguided attempt to combat sex trafficking. His assaults on Craigslist and Backpage were terminated by federal courts, which reminded the sheriff of the existence of both Section 230 immunity and the First Amendment. Law enforcement officers may not be required to know the laws they enforce, but they should at least have some passing familiarity with the Constitution.

      • Together, You Can Redeem the Soul of Our Nation

        Though I am gone, I urge you to answer the highest calling of your heart and stand up for what you truly believe.

      • In Wake of Recent Victories, Standing Rock Activists Carry On With Renewed Hope

        “The hardest part about locking down, is deciding to do it,” Mark K. Tilsen told Truthout.

      • Wilmington Protest Meeting Demands Federal Troops Out of Portland, US Troops Out of Cuba

        A successful meeting and street protest in Wilmington, California, a neighborhood near the LA Harbor, highlighted harbor area efforts for Black Lives Matter and€ efforts to end the US blockade of Cuba.

      • For Black & Pink Organizers, Decarceration Must Grapple With Constant Violence Against LGBTQ+ People

        For many people dissenting from the carceral state, namely the policing and prison systems, the act of existing outside of these modes is about the value they place on their life and the lives around them. They say the state fails to give said value and care to much of the country’s population from urban communities of color to poor, white rural pockets of the midwest. And if you’re queer or transgender, it’s tenfold.

        “When you’re Black or trans and formerly or currently incarcerated, our culture says you’re disposable,” said Dominique Morgan (they/them). “We’re comfortable engaging in throwing them away because we’ve made it seem like ‘Oh, they chose to not be amongst us. So this is their consequence.’ It’s a false narrative we’ve been sold to dispose of us.”

      • Border Patrol Violently Assaults Civil Rights and Liberties

        Ending Border Patrol’s long-standing abuses and impunity requires divestment, accountability, and removing the agency from U.S. communities.

      • Beyond Prisons: Abolition Is Our Obligation feat. Dylan Rodríguez

        Professor, author, and abolitionist scholar Dr. Dylan Rodríguez joins Kim Wilson and Brian Sonenstein on an episode of the Beyond Prisons podcast.€ 

        This is the first part of a two part conversation. In Part 1, Dr. Rodríguez explains his belief that abolition is our obligation, touching on the development of anti-Black algorithms used to keep people in prison, what it means to be vulnerable in the context of doing this work and how vulnerability is the starting point for an abolitionist practice, and the profound impact that Robert Allen’s book Black Awakening in Capitalist America had on shaping Dylan’s own thinking.€ 

      • Portland Protesters No Longer Being Banned From Attending Protests to Win Release From Jail

        Federal defenders and prosecutors in Portland, Oregon, have teamed up to try to end a court practice of releasing arrested protesters only after they have agreed not to attend protests — a restriction that legal experts called a clear violation of the constitutional right to free assembly.

        There are early signs that the effort is working. After the joint request, a federal magistrate judge released two protesters without including restrictions on their attendance at protests or other mass events — or imposing a blanket curfew on them during evening hours. The same magistrate, Jolie A. Russo, had signed some of the release orders since July 23 that included protest bans.

      • Moscow court sentences American student to nine years in prison for assaulting police officers

        Moscow’s Golovinsky Court has sentenced American citizen Trevor Reed to nine years in prison for resisting police officers when he was arrested in the summer of 2019.

      • The Enduring Wisdom of John Lewis

        Representative John Lewis carried bananas and water as he walked into Hillary Clinton’s Waterloo, Iowa, headquarters on the bitterly cold night before the 2016 caucus. He knew from experience that exhausted activists, campaign staff and volunteers needed fruit, hydration, and inspiration.

      • Self-Congratulation Is Unattractive

        …but I shall do it anyway.

      • Ahmadi Muslim Sect Member Killed in Pakistani Court was US Citizen

        A member of the Ahmadi minority Muslim sect who was shot and killed during his hearing on blasphemy charges in a Pakistani courtroom Wednesday was a U.S. citizen, the U.S. Department of State confirmed.

        Tahir Naseem Ahmad, 57, allegedly proclaimed prophethood in 2018 and was fatally shot by a teenager who reportedly justified his action as a defense of Islam.

      • Lack of awareness, data hinders cases of missing and murdered Native American women, study finds

        The mysterious circumstances surrounding McConnell's killing is one of hundreds of cases of missing or murdered Indigenous women and girls across the United States that never garnered national headlines or social media attention or demands for justice from powerful people. The absence of awareness or widespread scrutiny in these cases is the focus of a report released Thursday that documented 2,306 missing Native American women and girls in the U.S., about 1,800 of whom were killed or vanished within the past 40 years.

        Nearly 60 percent of the cases are homicides and 31 percent involve girls 18 and younger, according to data analyzed by the Sovereign Bodies Institute, a nonprofit, Indigenous-led research organization that began counting and mapping such missing and murdered cases over the past few years. In addition, nearly three-quarters of the cases had victims who were living within the foster care system when they went missing. The vast majority of cases in the U.S., as well as another 2,000 in Canada, remain unsolved, according to the research.

    • Monopolies

      • House Judiciary Spends 5.5 Hours Making Themselves Look Foolish, Without Asking Many Actual Tough Questions Of Tech CEOs

        How was your Wednesday? I spent 5 and a half hours of mine watching the most inane and stupid hearing put on by Rep. David Cicilline, and the House Judiciary Committee's Subcommittee on Antitrust, Commercial & Administrative Law. The hearing was billed as a big antitrust showdown, in which the CEOs of Google, Facebook, Apple and Amazon would all answer questions regarding an antitrust investigation into those four companies. If you are also a glutton for punishment, you can now watch the whole thing yourself too (though, at least you can watch it at 2x speed). I'll save you a bit of time though: there was very little discussion of actual antitrust. There was plenty of airing of grievances, however, frequently with little to no basis in reality.

      • 'Monopoly Power' of Tech Giants 'Must End,' Says Top Dem After Marathon Hearing by Powerful CEOs

        "Their control of the marketplace allows them to do whatever it takes to crush independent business and expand their own power."

      • In the pandemic economy, tech companies are raking it in

        The hearing was about how tech companies have consolidated their power. The coronavirus seems to be making that consolidation even easier. No wonder, when it became clear the antitrust hearing would be delayed, that the rescheduled hearing took place before earnings. None of these companies wanted their earnings numbers read aloud to them before questioning began. Those four companies combined took in $28.6 billion in profits in just one quarter.

      • Patents

        • Federal Circuit Narrows Application of Hooke’s Law, but Still Wields the Ineligibility Hammer

          When I talked with PTO Director Andrei Iancu a few months ago, he lamented that the Federal Circuit is now finding the manufacturing of Truck Axles and operation of Garage Door Openers ineligible for patenting. The Federal Circuit panel has rewritten its Axle decision — now holding that American Axle’s asserted claim 1 might be eligible; Claim 22 remains ineligible.

        • Software Patents

          • Quibi's Dispute with Eko Over Turnstyle Feature Trimmed By Judge

            The companies filed dueling lawsuits in early March. Quibi fired first asking the court for a declaration that it doesn't infringe Eko's patent and that it hasn't misappropriated any trade secrets and for an injunction barring Eko from continuing to make such allegations. Eko shot back asking the court to give it ownership of Quibi's patent and bar the company from using the trade secrets it's accused of stealing.

            Each of the parties this spring filed a motion to dismiss the other's complaint. U.S. District Judge Christina Snyder heard arguments on July 13 and on Tuesday issued her ruling.

            Snyder denied Eko's motion to dismiss Quibi's complaint, but granted its motion to consolidate the two matters — at least for pre-trial proceedings. She'll decide later whether to consolidate them for trial.

            Quibi moved to dismiss all nine of Eko's claims. Snyder granted dismissal without prejudice on three of them, breach of implied contract, breach of a nondisclosure agreement and false association.

          • The Three Properties of Patent-Eligibility: An Empirical Study

            Patent eligibility is a bit of a mess these days. Ever since the Supreme Court handed down the Alice v. CLS Bank decision six years ago, the distinction between what might be subject matter that can be patented and what is not has been blurry at best.

            Famously, the Court legislated its own two-part test to determine whether claims are directed to patent-eligible subject matter under 35 U.S.C. ۤ 101. One must first decide whether the claim at hand involves a judicially-excluded law of nature, a natural phenomenon, or an abstract idea. If so, then one must further decide whether any element or combination of elements in the claim is sufficient to ensure that the claim amounts to significantly more than the judicial exclusion. But elements or combinations of elements that are well-understood, routine, and conventional will not lift the claim over the ۤ 101 hurdle. While the Alice inquiry is generally carried out as a matter of law, factual issues can come into play when determining whether something is well-understood, routine, and conventional.

            However, the Court declined to define what it meant by "abstract idea" or "significantly more," leaving that for the Federal Circuit and the rest of us to figure out. By admission of several of its own members, the Federal Circuit has failed to do so in a cogent fashion. As just one example (and this is a doozy of an example) Judge Plager wrote in 2018's Interval Licensing v. AOL case that "[t]he law . . . renders it near impossible to know with any certainty whether the invention is or is not patent eligible" and "a search for a definition of 'abstract ideas' in the cases on ۤ 101 from the Supreme Court, as well as from this court, reveals that there is no single, succinct, usable definition anywhere available."

            Meanwhile, the USPTO's interpretation of Alice has added more steps to the test, clarified some aspects, muddied others, and counts for little to nothing in the courts.

            [...]

            We also calculated correlations between each of the properties and the eligibility outcome. For specificity, the correlation was 0.58, for technical nature, the correlation was 0.80, and for novelty, the correlation was 0.74. These results have an interesting implication for patent practitioners drafting initial claim sets or making amendments. The technical nature of an invention appears to have the biggest impact on whether it is found to be eligible, but the practitioner has the least control over this aspect. An invention that solves a business problem may be difficult to recast as solving a technical problem even using the cleverest claim drafting techniques. Specificity and novelty, however, are more under the control of the practitioner, as detailed elements directed toward features believed not to be in the prior art can always be added (modulo the applicant's needs of course). Thus, for a claim that is on the fence with respect to its technical character, making sure that it has at least one element that is specific and novel may help.

            To sum up, the three properties appear not only to be a reasonably useful way of thinking about patent-eligibility in a world where the two-part test is bewildering and obtuse, it is also highly predictive of patent-eligibility outcomes.[1] Nonetheless, while we attempted to avoid any bias during the scoring process, we are aware that there is a degree of subjectivity in our evaluations. Moreover, the set of case law should be expanded beyond these 24 samples. Therefore, we welcome others to suggest adjustments to the scoring and/or to continue this study with further cases.

      • Trademarks

        • Two Breweries Fight Over The Right To Use A Geographic Name Due To Trademark

          If there is one thing that really needs to stop at the USPTO, it is the organization's continued approval for trademarks on terms that are basic geographic indicators. While this isn't just an American thing, far too often people are able to get trademark approvals for marks like area codes or the name of their home counties and towns. Given that the purpose of trademark law is to allow unique identifiers for the source of a good or service, marks like these are obvious perversions of the law.

      • Copyrights

        • Facebook Is Set to Finally Get the Rights to Show Music Videos

          Partnerships with the three largest music companies -- Universal Music Group, Sony Music Entertainment and Warner Music Group -- are expected to be announced soon, said the people, who asked not to be identified because the information is private.

        • YouTube Rippers Eye Supreme Court After Appeals Court Denies Rehearing

          The Court of Appeals for the Fourth Circuit has denied a request from YouTube rippers FLVTO.biz and 2conv.com for a full rehearing. The Russian owner of the sites warned of a dangerous precedent, but the Court's judges disagreed. The sites' legal team is now considering taking the case to the Supreme Court.

        • An unprecedented Nintendo leak turns into a moral dilemma for archivists

          From a historical and preservationist perspective, the leak is an incredible find. It’s a rare look into the process and discarded ideas of one of the most influential — and secretive — companies in video games. But for those preservationists digging through the data, that excitement is tainted by a moral dilemma. The origins of the code leak are still largely unknown, but it’s likely that it was obtained illegally. That presents a pertinent question: does the source of the leak tarnish all that historians can learn from it?

        • Internet Archive Tells Court its Digital Library is Protected Under Fair Use

          The Internet Archive has filed its answer and affirmative defenses in response to a copyright infringement lawsuit filed by a group of publishers. Among other things, IA believes that its work is protected under the doctrine of fair use and the safe harbor provisions of the DMCA.

        • A Quarter-Billion Dollar Bag of Beans: Responding to Ken Whyte’s Attack on Library Book Loans

          The value of libraries obviously extends far beyond the PLR, but if the claims are focused on the compensation for authors, authors groups successfully addressed that issue in the 1980s. They have been the beneficiary of hundreds of millions of dollars for library loaning activity as a result, which, needless to say, is enough for those so-called “guileless authors” to buy a lot of beans.

        • Mexico's New Copyright Law Undermines Mexico's National Sovereignty, Continuing Generations of Unfair "Fair Trade Deals" Between the USA and Latin America

          Earlier this month, Mexico's Congress hastily imported most of the US copyright system into Mexican law, in a dangerous and ill-considered act. But neither this action nor its consequences occurred in a vacuum: rather, it was a consequence of Donald Trump's US-Mexico-Canada Agreement (USMCA), the successor to NAFTA.

          Trade agreements are billed as creating level playing fields between nations to their mutual benefit. But decades of careful scholarship show that poorer nations typically come off worse through these agreements, even when they are subjected to the same rules, because the same rules don't have the same effect on different countries. Besides that, Mexico has now adopted worse rules than its trade partners.

        • Disability, Education, Repair and Health: How Mexico's Copyright Law Hurts Self-Determination in the Internet Age

          Mexico's new copyright law was rushed through Congress without adequate debate or consultation, and that's a problem, because the law -- a wholesale copy of the US copyright system -- creates unique risks to the human rights of the Mexican people, and the commercial fortunes of Mexican businesses and workers.

          The Mexican law contains three troubling provisions:

        • A Legal Deep Dive on Mexico’s Disastrous New Copyright Law

          Mexico has just adopted a terrible new copyright law, thanks to pressure from the United States (and specifically from the copyright maximalists that hold outsized influence on US foreign policy).

          This law closely resembles the Digital Millennium Copyright Act enacted in the US 1998, with a few differences that make it much, much worse.



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day